Forta

**Attack Overview** SquidMulticall suffered a $517K loss when an attacker exploited pre-existing MAX_UINT token approvals. The exploit affected multiple chains including Arbitrum, BSC, Avalanche, Optimism, and Base. **How It Happened** - Victims had previously granted unlimited (MAX_UINT) token approvals to the SquidMulticall contract - The attacker leveraged a permissionless multicall function to drain funds - No traditional "hack" was needed - users had already signed away access to their tokens **Key Takeaway** Stale token approvals represent a silent but significant attack surface. Old unlimited approvals can be exploited even if the original contract or protocol is no longer actively used. Forta Firewall detected the suspicious activity across all five affected chains. **Action Item**: Review and revoke unnecessary token approvals regularly using tools like Revoke.cash or Etherscan's approval checker.

**Wasabi Protocol suffered a $5.5M exploit** after a compromised deployer granted admin roles to malicious contracts, leading to a complete drainage of the protocol. **Key Details:** - The attacker exploited compromised admin credentials to drain 7 vaults - Affected chains included Base and Ethereum - A fake strategy contract was used to execute the theft - Forta Firewall had flagged the suspicious ADMIN_ROLE grant **Security Implications:** This incident highlights that operational security (OpSec) is just as critical as smart contract security. Even well-audited protocols remain vulnerable if admin keys are compromised. The attack demonstrates the ongoing need for robust key management practices and real-time monitoring systems in DeFi protocols.

April 2026 marked the worst month in crypto history with over $320 million drained across multiple exploits, including the $280 million Kelp incident. **Key Statistics:** - $320M+ lost in April alone - Follows $92M in losses across 33 incidents in March - Total of $412M+ drained in just two months **Security Response:** Forta's Firewall technology integrates directly into transaction flows to screen and block threats before execution. The system provides real-time transaction screening for chains and institutions moving onchain. The escalating exploit activity underscores the critical need for proactive security measures in blockchain infrastructure.

The U.S. Treasury's Office of Foreign Assets Control (OFAC) has sanctioned new Ethereum addresses connected to Sinaloa Cartel fentanyl trafficking operations. **Immediate Response:** - Forta Firewall updated its monitoring systems to track the sanctioned addresses - Transactions involving these wallets are now flagged before execution - The system provides real-time onchain compliance screening This follows a pattern of rapid response by Forta Firewall to OFAC sanctions. In March, the platform similarly updated its blocking list within hours when Treasury sanctioned 20 Ethereum wallets linked to terrorism and North Korea. [Learn more about Forta Firewall](https://forta.org/firewall?utm_source=twitter&utm_medium=social&utm_campaign=firewall-update&utm_content=ink-case-study)

**IoTeX Bridge Exploit: $8M Drained** The @iotex_io Bridge suffered a major security breach on February 28, 2026, losing $4.3M initially and escalating to $8M within 90 minutes. The attack was executed through a single compromised private key. **Key Details:** - Attack vector: Compromised private key - Timeline: $4.3M → $8M in 90 minutes - Detection: Forta Firewall caught the attacker's mainnet movements in real-time **Recent Context:** Just two days earlier, a @FOOMCASH lottery-contract exploit put $1.8M at risk. Forta Firewall flagged the attack in real-time and successfully blocked it on Firewall-enabled chains. This incident highlights the ongoing security challenges in cross-chain infrastructure and the critical importance of private key management in blockchain systems. Real-time detection systems like Forta Firewall are proving essential for identifying threats, though prevention remains dependent on proper security practices. Learn more about Forta Firewall: [Introducing Forta Firewall](https://forta.org/blog/introducing-forta-firewall/)

**AI-powered blockchain security gains recognition** as Forta Firewall appears in Messari's latest State of AI report. The inclusion highlights how **artificial intelligence is becoming integral** to onchain security infrastructure. Forta's AI-driven transaction screening technology represents the evolution of blockchain defense mechanisms. - AI-powered attackers require AI-powered defenders - Real-time transaction screening at scale - Growing integration across multiple blockchain networks With **290M+ transactions already screened**, Forta Firewall demonstrates practical AI implementation in blockchain security, moving beyond theoretical applications to active threat detection.

**Yearn Finance suffered a $9M exploit** on mainnet through a sophisticated price manipulation attack. **How the attack worked:** - Attacker drained liquidity pools - Broke pricing mechanisms - Minted cheap yETH tokens - Sold them for regular ETH at inflated prices **Detection vs Prevention:** Forta Firewall **flagged the exploit in real time** but couldn't stop it. The attack happened so fast that only real-time detection was possible. **Key insight:** Pre-execution screening could have **prevented this attack entirely** rather than just detecting it after the damage was done. This follows a pattern of recent price manipulation exploits, including attacks on DRLVaultV3 (~$100K) and RWB (~$180K), highlighting the critical need for **proactive security measures** in DeFi protocols.

**Forta Firewall** has been providing security and compliance screening for Plume Network's RWA chain transactions from launch. The infrastructure processes approximately **2.5 million daily transactions** for institutional-grade real-world asset operations. Key features: - Real-time transaction monitoring - Compliance infrastructure for institutional adoption - Security screening for RWA scaling Plume's vaults include investments from major financial institutions like **Blackstone, Carlyle, BlackRock, Fidelity, and PIMCO**. This demonstrates how traditional Wall Street firms are leveraging blockchain infrastructure with proper security measures for on-chain RWA deployment. [Read more about institutional RWA adoption](https://www.forta.org/blog/from-blackstone-to-blockchain-enabling-institutional-rwa-adoption-with-forta-firewall)

**Forta Firewall** has partnered with **Plume Network**, a leading real-world asset (RWA) tokenization platform. **Key Partnership Details:** - Plume operates 180+ protocols with $3B+ in available assets - Partnership focuses on enhancing security and compliance for RWA projects - Forta provides real-time blockchain monitoring infrastructure **Why This Matters:** As RWA tokenization grows, robust security infrastructure becomes critical. Forta's decentralized detection network helps identify threats and outlier transactions in real-time. The collaboration positions both platforms to better serve the expanding RWA sector with enterprise-grade security solutions. [Read more details](https://www.forta.org/blog/plume-partners-with-forta-rwa)

**Regulatory compliance** is becoming a core requirement for blockchain networks, particularly regarding OFAC-sanctioned wallet transactions. Key points: - Transactions with sanctioned wallets pose significant regulatory risks - Compliance screening is now essential infrastructure for rollups - Forta Firewall offers a solution for OFAC screening implementation *Security and compliance* are emerging as crucial growth enablers in the on-chain economy. Forta Firewall provides tools to help rollups and protocols prevent potential security breaches and maintain regulatory compliance. Learn more: [Forta's Guide to OFAC Screening](https://www.forta.org/blog/why-ofac-screening-matters-in-crypto-and-how-forta-firewall-helps)